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In the claims : 
Please amerfcf 




the claims as follows: 



1 . (Currently Amended) A data transfer method performed at a proxy server, the method 
comprising: \ 

intercepting a data request from a client computer that is directed to a target server; 
encrypting profile information; 

augm e nting th e datay e qu e st by adding a ppending the encrypted profile information to the 
data request as originally intercepted to create an augmented data request ; and 
sending the augmented data request to the target server. 

2. (Original) The method of claim 1 further comprising: 
receiving a reference totten from the target server; 

receiving a second data request from the client computer that is directed to the target 
server; \ 

augmenting the second data request by adding the reference token to the second data 
request; and \ 

sending the augmented second data request to the target server. 

3. (Original) The method of claim 2 wherein the reference token comprises a reference to 
the profile information sent to the target server. 

4. (Original) The method of claim 1 further comprising retrieving the profile information 
from a database based on an identity of a user. 

5. (Original) The method of claim 4tfurther comprising using the Internet Engineering 
Task Force IDENT protocol to determine tha identity of the user. 



6. (Original) The method of claim 1 wherein encrypting profile information comprises 
determining a session key and using the session key as an encryption key. 
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7. (Original) The method of claim 6 further comprising encrypting the session key, and 
wherein augrnen\ing the data request further comprises adding the encrypted session key to the 
data request. 

8. (Original)! The method of claim 7 wherein using the session key to encrypt the profile 
information comprises using the session key as a symmetric encryption algorithm encryption 
key, and wherein encwpting the session key comprises encrypting using a public key encryption 
algorithm and a public\key associated with the target server. 

9. (Original) Theynethod of claim 8 further comprising obtaining the public key from the 
target server. 

10. (Original) The method of claim 9 wherein obtaining the public key from the target 
server comprises sending a request to the target server to retrieve the public key. 

1 1 . (Original) The method of claim 1 wherein the data request comprises a hypertext 
transfer protocol (HTTP) request comprising a HTTP field, the target server comprises a HTTP 
server, and the client computer comprises a web browser application. 

12. (Original) The method of claim 1 wherein the profile information comprises 
information associated with the client computer. 



13. (Currently Amended) A data transfer method performed at an information server, the 
method comprising: 

receiving an augmented data request . Wherein the augmented data request includes 
including encrypted user profile information a^ded -appended to a data request as originally 
intercepted by a proxy server; 

extracting the encrypted user profile information added to the data request by the proxy 

server; 



Applicant 
Serial No. 
Filed 
Page 



Larry T. HARADA et 
09/323,415 
June 1, 1999 
4 of 14 



Attorney's Docket No.: 06975-041001 / Security 01 



using the extracted profile information to generate a response; and 
sending the response to the proxy server. 

14. (Previously Amended) The method of claim 13 wherein using the extracted user 
profile information to generate a response comprises providing the extracted user profile 
information to a web application and generating the response by processing the web application. 

1 5. (Previously Amended) The method of claim 14 wherein providing the extracted user 
profile information comprises setting HTTP environment variables at a web server and wherein 
the web application comprises a common gateway interface script. 

16. (Previously Amenaed) The method of claim 13 further comprising storing the 
extracted user profile information at the information server and associating a reference token 
with the stored user profile information, and wherein the response further comprises the 
reference token. 

17. (Previously Amended)\ The method of claim 16 further comprising: 
receiving from the proxy server a second data request comprising the reference token; 
extracting the reference token from the second data request; 
accessing the stored user profile information based on the reference token; and 
using the stored user profile information to generate a response to the second data 

request. 



18. (Previously Amended) The method of claim 13 wherein extracting the user profile 
information comprises decrypting the user profile information. 



19. (Previously Amended) The method of claim 18 wherein the data request further 
comprises a session key added to the data request by the proxy server and wherein decrypting the 
user profile information comprises using the session key to decrypt the user profile information. 
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20. (Original) The method of claim 19 further comprising decrypting the session keys. 

21 . (Original) The method of claim 20 wherein decrypting the session key comprises 
decrypting using a public key algorithm and a private key of the information server, and wherein 
decrypting using th^ session key comprises decrypting using a symmetric decryption algorithm. 

22. (Currently VAmended) A computer program residing on a computer-readable medium, 
comprising instructions for causing a computer to: 

intercept a data request from a client computer that is directed to a target server; 
encrypt profile information; 

augm e nt, th e datay e qu e st by adding append the encrypted profile information to the data 
request as originally intercepted to create an augmented data request ; and 
send the augmentedldata request to the target server. 

23. (Original) The program residing on the computer-readable medium of claim 22 
further comprising instruction for causing a computer to: 

receive a reference token from the target server; 

receive a second data request from the client computer that is directed to the target server; 
augment the second data request by adding the reference token to the second data request; 



and 



send the augmented second\data request to the target server. 



24. (Original) The program residing on the computer-readable medium of claim 22 
wherein: 

the instructions for causing the ^omputer to encrypt profile information comprise 
instructions to encrypt the profilip information using a session key and a symmetric 
encryption algorithm; 

the program further comprises instructions to encrypt the session key using a public key 
encryption algorithm; and 
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the instructions to augment the data request further comprise instructions to add the 
encrypted session kej\ to the data request. 
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25. (Currently Amended) A computer program residing on a computer-readable medium, 
comprising instructions for causing a computer to: 

receive a data request comprising encrypted profile information added -appended to the 
data request as originally intercepted by a proxy server; 

extract the profile information added by the proxy server; 

use the extracted profile information to generate a response; and 

send the response to the proxy server. 

26. (Origina|) The program residing on the computer-readable medium of claim 25 
further comprising: 

instructions fir causing a computer to: 
store the extracted profile information; 
associate a reference token with the stored profile information; 
include the reference token in the response to the proxy server; 
receive from the proxy server a second data request comprising the reference token; 
extract the reference token; 

access the stored profile information based on the presence of the reference token in the 
second data request; and 

use the accessed profile information to generate a response to the second data request. 



27. (Original) The program residing on the computer-readable medium of claim 25 
wherein: 

the data request further domprises encrypted session key information; 

the program further comprises instructions for causing the computer to decrypt the 
session key information; and 

the instructions to extract tWe profile information comprises instructions for causing the 
computer to decrypt the profile information using the decrypted session key. 
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28. (Currently Amended) A proxy server comprising: 

a database comprising records storing user profile information; 

a network interface operatively coupled to a network to exchange data with a client 
computer and with a target server; and 

a processor operatively coupled to the network interface, the database, and a memory 
omprising executable {instructions for causing the processor to intercept a data 
request that is directed xo a target, server, retrieve a record from the database, encrypt profile 
information in the recora, augm e nt the data r e quest by adding th e e ncrypt e d profil e 
informatio n append the encrypted profile information to the data request as originally intercepted 
to create an augmented ckta request , and send the augmented data request to the target server 



29. (Original) Thelproxy server of claim 28 wherein the memory further comprises 
instructions for causing the processor to receive a reference token from the target server, receive 
a second data request from the client computer that is directed to the target server, augment the 
second data request by adding the reference token to the second data request, and send the 
augmented second data request to the target server. 



30. (Original) The proxy server of claim 28 wherein: 

the instructions for causing the computer to encrypt the profile information comprise 
instructions to encrypt the proqle information using a session key and a symmetric encryption 
algorithm; 

the memory further comprises instructions to encrypt the session key using a public key 
encryption algorithm; and 

the instructions to augmerit the data request further comprise instructions to add the 
encrypted session key to the data request. 
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3 1 . (Currently Amended) An information server comprising: 

a network interface operatively coupling the information server to a targe ^proxy server; 



and 



a processor operatively coupled to the network interface and to a memory comprising 
executable instructions for causing the processor to receive an augmented data request from the 
proxy server, wherein the augmented data request includes encrypted user profile information 
appended to a data request as originally intercepted by the proxy server, decrypt the encrypted 
user profile information add e d to th e data r e qu e st by th e target s e rv e r ; and use the decrypted user 
profile information to generate a response to the augmented data request. 

32. (Currently Arhended) The server of claim 3-4-31 wherein the memory further 
comprise instructions to decrypt an encrypted session key added to the data request by the proxy 
server, and the instruction^ to decrypt user profile information further comprise instructions to 
decrypt the user profile information using the decrypted session key. 

33. (Currently Amended) A method performed at a proxy server, the method comprising: 
receiving a request filpm a client; 

determining destination information associated with the request; 
determining that a target server associated with the destination information should 
receive user profile information; 

encrypting user profile information; 

augm e nting th e r e qu e st by adding e ncrypt e d us e r profil e information a ppending the 
encrypted profile information to\the data request as originally intercepted to create an augmented 
data request ; and 

sending the augmented reiuest to the target server. 



34. (Previously Added) The method of claim 33 further comprising: 
determining a valid public Key for the target server; 
encrypting a session key using the public key; and 
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augmenting the request by adding the encrypted session key 




35. (Previously Added) The method of claim 34 further comprising: 
determining a val d public key for the target server; 

encrypting a sessi 3n key information using the public key; 
encrypting the user profile information using the encrypted session key; and 
augmenting the request by adding the public key, encrypted session key, and encrypted 
user profile information td the request. 

36. (Previously Addled) The method of claim 33 wherein determining the target server 
should receive user profile information includes querying a database associated with the proxy 
server to determine if the target server should receive user profile information. 



37. (Previously Added) The method of claim 33 further comprising receiving a token 
from the target server and providing the token with other requests associated with the user profile 
that are directed to the target server. 



38. (Currently Amended) A system comprising: 
a proxy server to: 
receive a request from al client; 

determine a-destination information associated with the request; 

determine that a target server associated with the destination information should receive 
user profile information; and 

encrypting user profile information; 

augment th e r e qu e st by adding e ncrypt e d us e r profil e information appending the 
encrypted profile information to tnp data request as originally intercepted to create an augmented 
data request ; and 

te-send the augmented requfest to the target server. 
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to: 




39. (Previously Added) The system of claim 38 wherein the proxy server is configured 

determine a validpublic key for the target server; 
encrypt a session ttey information using the public key; and 
augment the request by adding the encrypted session key. 

40. (Previously Added) The system of claim 38 wherein the proxy server is configured 

determine a valid puttlic key for the target server; 
encrypt a session key information using the public key; 
encrypt the user profile information using the encrypted session key; 
augment the request by adding the public key, encrypted session key, and encrypted user 
profile information to the request. 



41 . (Previously Added) IThe system of claim 40 wherein the proxy server is configured 



to: 



determine the target server should receive user profile information includes querying a 
database associated with the prox}\ server to determine if the target server should receive user 
profile information. 



42. (Previously Added) The system of claim 41 further comprising a target server 
wherein the target server is configurer! to: 

store the user profile information; 

send a token to the proxy serve 

receive the token with a subsequent request; and 
access the stored user profile inrormation based on the token. 



